An individual is attacked with ransomware every 10 seconds, according to the Kaspersky Security Bulletin. The same bulletin reports that businesses are hit every 40 seconds. While many enterprise network specialists attempt to harden their networks against the most recent ransomware threats, some smaller networks are being forgotten.
The majority of ransomware is delivered via email and Remote Desktop Protocol (RDP), according to Osterman Research and Webroot. While it is true that businesses have bigger pocketbooks to pay up if something occurs (not saying you should), this doesn’t mean the small home or business network is less vulnerable or less valuable.
What Will It Cost Me?
For small businesses, trade secrets, financial reports, contracts and reports all have a value, but the time required to recreate this data can’t be replaced. As an individual, your personal financial data may have a value, but pictures of family members and movies of your children are priceless.
So would you pay to get your data back? According to the Symantec 2017 Internet Security Threat Report, the average ransom demand has risen to $1077, an increase of 266% in the past year. However, some ransoms have been upwards of $10,000.
So I Can Just Pay Up, Right?
Of those that paid up, only one in five got their data back (based on business data). Bottom line is, there are no guarantees. Once the data is gone, it’s gone. Never to return.
How Do I Protect Myself?
Take preventative steps like the ones listed below to avoid becoming a victim. And if you do become one, you will more than likely be able to restore the majority of your data.
Ransomware Protective Actions
- Maintain air-gapped backups (disconnected from the computer)
- Keep operating systems and software up to date
- Avoid opening emails from unknown senders. Never open the attachments.
- Avoid visiting suspicious links on social media sites like Facebook, Twitter, etc.
- Avoid suspicious sites and downloads.
- Use a modern browser such as Chrome, Firefox, or Microsoft Edge
- Do not enable macros from email attachments.
- Maintain up-to-date antivirus software.
- Disconnect your computer from your network if you identify an infection
- If using cloud storage, select a provider that allows the archival of prior file versions.
- Encrypt secure file sets (won’t stop ransomware but will help secure you from identity theft if your data is taken)
- Restrict users from being able to install applications. Administrators, yes, this means running in a restricted account, even with Windows User Account Control (UAC).
- Leave Windows User Account Control (UAC) turned on.
- Limit access to network shares. Require user authentication to access and only share what is required. Be sure to maintain backups of the network share data.
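Several of the items above (UAC, restricted accounts, RDP exposure and network shares) can be checked with a short script. The PowerShell below is an added example, not part of the original article. It assumes an English-language Windows 10 or later PC, since the `Everyone` account name is localized, and it only reads settings.

```powershell
# Added example: read-only audit of a few checklist items on a Windows PC.
$findings = @()

# 1. UAC should be left on (EnableLUA = 1).
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = (Get-ItemProperty -Path $uacKey -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA
if ($uac -ne 1) { $findings += 'UAC is turned off (EnableLUA is not 1).' }

# 2. The day-to-day account should not be a local administrator.
#    Only direct membership of the built-in Administrators group
#    (well-known SID S-1-5-32-544) is checked; membership through a
#    nested group is not detected.
$me = [Security.Principal.WindowsIdentity]::GetCurrent()
try {
    $admins = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
    if ($admins.SID.Value -contains $me.User.Value) {
        $findings += "Account '$($me.Name)' is a local administrator."
    }
} catch {
    $findings += 'Could not list the local Administrators group.'
}

# 3. RDP is named above as a common delivery route; flag it if enabled
#    (fDenyTSConnections = 0 means Remote Desktop accepts connections).
$tsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections -ErrorAction SilentlyContinue).fDenyTSConnections
if ($deny -eq 0) { $findings += 'Remote Desktop is enabled; confirm it is needed.' }

# 4. Shares should require authentication and expose only what is
#    required; flag any user-created share that allows "Everyone".
foreach ($share in Get-SmbShare -Special $false) {
    $open = Get-SmbShareAccess -Name $share.Name |
        Where-Object { $_.AccountName -eq 'Everyone' -and $_.AccessControlType -eq 'Allow' }
    foreach ($ace in $open) {
        $findings += "Share '$($share.Name)' allows Everyone ($($ace.AccessRight))."
    }
}

# Report the results.
if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output 'No issues found in the items checked.'
}
```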
Stay Safe and Share the Knowledge
Now that you have a few additional tricks to help you avoid becoming a victim of ransomware, share the knowledge with family members and co-workers. Remember, mobile devices are just as vulnerable, so don’t overlook them in your protective efforts.